<?php
/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
*/
include 'inc/PAGE.php';
$p = new PAGE("");

$loginOk = $p->s()->getvar("loginOk");
$username = $p->s()->getvar("username");
$type = $p->s()->getvar("type");

if($loginOk==1  && strlen($username)>0 && ($type==LIB || $type==USER)) {
    /*
     * id
     * name
     * email
     * details
     * pass1
     * pass2
    */
    $id = $_POST['id'];
    $name = $_POST['name'];
    $email = $_POST['email'];
    $details = $_POST['details'];
    $oldpass = $_POST['oldpass'];
    $pass1 = $_POST['pass1'];
    $pass2 = $_POST['pass2'];

    $oldpass = md5($oldpass);
    $s = "SELECT COUNT(*) FROM users WHERE username='".$username."' AND password='".$oldpass."'";
    $arr = $p->db()->gettoprow($s);
    
    if($arr[0] == 1) {
        if($pass1==$pass2) {
            $pass = md5($pass1);
            $sql = "UPDATE users SET name='".$name."',email='".$email."',details='".$details."',password='".$pass."' WHERE username='".$username."'";
            $p->db()->insert($sql);
            header("Location: ./ze_user_info.php");
        }else {
            header("Location: ./ze_user_info.php?error=<br><font color='red'>*New Password+Mismatch</font>");
        }
    }else {
        header("Location: ./ze_user_info.php?error=<br><font color='red'>*Old password+Mismatch</font>");
    }
    
}else {
    header("Location: ./index.php");
}
?>
<a href="index.php"><br/>index.php</a>